FairPlay is a digital rights management (DRM) technology created by Apple Inc., based on technology created by the company Veridisc. FairPlay is built into the QuickTime multimedia software and used by the iPhone, iPod, iPad, Apple TV, iTunes, and iTunes Store and the App Store. Formerly, all songs in the iTunes Store were encoded with FairPlay. Apple later started offering a selection of songs that, after an additional 30 cents is paid per song, could be downloaded FairPlay-free. Currently, in the US, Apple does not sell songs with FairPlay encryption, however, apps downloaded from the iTunes store are still encrypted with FairPlay. FairPlay digitally encrypts AAC audio files and prevents users from playing these files on unauthorized computers.
The majority of FairPlay-encrypted content is purchased through the iTunes Store, using the iTunes software. The iTunes software relies on Apple's Quicktime multimedia software for decoding and playback of the encrypted files. Every media player capable of using QuickTime is capable of playing back FairPlay-encrypted files, including RealPlayer, Media Center, Media Player Classic and Songbird.
- 1 How it works
- 2 Restrictions
- 3 Legal issues
- 4 Circumvention
- 5 Steve Jobs's Thoughts on Music open letter
- 6 iTunes Store DRM changes
- 7 References
How it works
|This section does not cite any references or sources. (July 2014)|
FairPlay-protected files are regular MP4 container files with an encrypted AAC audio stream. The audio stream is encrypted using the AES algorithm in combination with MD5 hashes. The master key required to decrypt the encrypted audio stream is also stored in encrypted form in the MP4 container file. The key required to decrypt the master key is called the "user key".
Each time a new customer uses iTunes to buy a track, a new random user key is generated and used to encrypt the master key. The random user key is stored, together with the account information, on Apple’s servers, and also sent to iTunes. iTunes stores these keys in its own encrypted key repository. Using this key repository, iTunes is able to retrieve the user key required to decrypt the master key. Using the master key, iTunes is able to decrypt the AAC audio stream and play it.
When a user authorizes a new computer, iTunes sends a unique machine identifier to Apple’s servers. In return it receives all the user keys that are stored with the account information. This ensures that Apple is able to limit the number of computers that are authorized and makes sure that each authorized computer has all the user keys that are needed to play the tracks that it bought. , When a user deauthorizes a computer, iTunes will instruct Apple’s servers to remove the unique machine identifier from their database, and at the same time it will remove all the user keys from its encrypted key repository.
The iPod also has its own encrypted key repository. Every time a FairPlay-protected track is copied onto the iPod, iTunes will copy the user key from its own key repository to the key repository on the iPod. This makes sure that the iPod has everything it needs to play the encrypted AAC audio stream.
FairPlay does not affect the ability of the file itself to be copied. It only manages the decryption of the audio content.
FairPlay-encrypted audio tracks allow the following:
- The track may be played on up to five (originally three) authorized computers simultaneously.
- A particular playlist within iTunes containing a FairPlay-encrypted track can be copied to a CD only up to seven times (originally ten times) before the playlist must be changed.
- The track may be copied to a standard audio CD any number of times.
- The resulting CD has no DRM and may be ripped, encoded and played back like any other CD. However, CDs created by users do not attain first sale rights and cannot be legally leased, lent, sold or distributed to others by the creator.
- The CD audio still bears the artifacts of compression, so converting it back into a lossy format such as MP3 may aggravate the sound artifacts of encoding (see transcoding). When re-ripping such a CD one could use a lossless audio codec such as AIFF, Apple Lossless, FLAC or WAV however such files take up significantly more space than the original MP3 files.
At this time, it appears that the restrictions mentioned above are hard-coded into QuickTime and the iTunes application, and not configurable in the protected files themselves.
FairPlay prevents iTunes customers from using the purchased music directly on any portable digital music player other than the Apple iPod, Motorola ROKR E1, Motorola SLVR, Motorola RAZR V3i, the iPhone and the iPad.
On January 3, 2005, an iTunes online music store customer, Thomas Slattery, filed a lawsuit against Apple Inc., alleging the company broke antitrust laws by using FairPlay with iTunes so that purchased music will work only with its own music player, the iPod, freezing out competitors. Though most of the complaints have been dropped, the case has since been combined with two other lawsuits and continues today under the temporary name "The Apple iPod iTunes Antitrust Litigation".
On June 28, 2004, VirginMega filed a complaint with the French Competition Council against Apple regarding its refusal to license FairPlay to VirginMega for use in their own online music commerce store. The Council (Conseil) rejected the complaint over accused anti-competitive behavior. The Conseil ruled against the notion that FairPlay was an "essential facility" for three distinct reasons:
- Playing purchased music on portable players was a small part of the market;
- CD Burning provides an adequate work-around to get purchased music from other vendors onto an iPod; and
- There is sufficient availability of portable players that support Microsoft's WMA DRM as a viable alternative and choice for consumers.
After the launch of the iTunes Store, multiple people attempted to circumvent the encryption of FairPlay-protected files.
Jon Johansen – also known for his DeCSS program – was the first to devise a way to circumvent the DRM. The open source application QTFairUse intercepted the decrypted output and wrote it to a raw AAC file. Many media players do not support such raw files and the files had to be processed with a tool like FAAD to create normal files. One of the few media players that is able to play raw AAC files is foobar2000.
The second time around, Johansen reverse engineered the encryption technique used in FairPlay and created an algorithm to completely remove the encryption without re-encoding the encrypted AAC stream. This method was also used by VLC media player in order to play FairPlay-protected tracks until a newer version of iTunes and FairPlay broke it.
Only a few days after the release of iTunes 7.0 the experimental version 2.3 of QTFairUse6, a derivative of the python open source QTFairUse, was released which dumps each track to a raw AAC file which then can be converted to any format.
Jon Johansen himself also released a tool to remove the encryption, called DeDRMS. Later he released FairKeys, which uses Apple’s own servers to retrieve the keys needed by DeDRMS.
All these applications have two things in common. First, they employ the user keys from either the Apple servers, the iTunes key repository, or the iPod key repository, which ensures they can decrypt only files that are legally bought; a user cannot use these applications to decrypt files that another user bought. Second, they keep user specific metadata inside the MP4 container intact, so it is possible to identify the user who originally bought the file after it is decrypted.
In March 2005, it was revealed through a front end of the iTunes Store called PyMusique that the FairPlay DRM was added only as a song was being purchased from the store by the client software itself.
In October 2006, Jon Johansen announced that instead of breaking FairPlay, he had reverse-engineered it so that other companies could play their DRM-protected music and movies on iPods and Apple's new Apple TV. His company, doubleTwist, would license the technology to media companies who wished to have their media playable on the iPod or Apple TV, with the protection of FairPlay DRM, but without having to go through Apple.
Playfair, Hymn, and JHymn
A software package named PlayFair – created by an anonymous author – also appeared. It can remove the encryption from files using the FairPlay DRM mechanism. The author of Playfair used the source code written by Jon Johansen for VLC. Apple's legal department forced PlayFair to be first removed from SourceForge.net, and then when the Indian open source web site Sarovar.org hosted the project they too were sent a cease and desist by Apple's lawyers. However, Playfair's successor Hymn (a backronym for "Hear Your Music aNywhere") has become JHymn, a Java variant of the program, and iOpener, a Windows variant.
Apple Computer introduced iTunes 6.0 in October 2005, which included changes intended to stop programs like JHymn from decrypting FairPlay encrypted files. Furthermore, once iTunes 6 has been used to purchase songs or authorize a computer with a particular iTMS account, that account will be blocked from making purchases or activations on earlier iTunes versions, thus JHymn can no longer be used.
Apple Computer introduced iTunes 7.0 in September 2006, which once again included changes intended to stop programs similar to JHymn.
Harmony: RealPlayer Music on the iPod
In July 2004, RealNetworks introduced their Harmony technology. The Harmony technology is built into RealPlayer and allows users of the RealPlayer Music Store to play their songs on the iPod. Before the introduction of Harmony this was not possible, because the RealPlayer Music Store uses a different DRM scheme, called Helix DRM, that was incompatible with that used by Apple. While using RealPlayer to transfer a Helix DRM-restricted song onto the iPod, Harmony transparently converts it to a FairPlay-compatible protected file. Real argued that Harmony was a boon to consumers that "frees" them "from the limitation of being locked into a specific portable device when they buy digital music." Apple responded:
- We are stunned that RealNetworks has adopted the tactics and ethics of a hacker to break into the iPod, and we are investigating the implications of their actions under the DMCA and other laws. We strongly caution Real and their customers that when we update our iPod software from time to time it is highly likely that Real's Harmony technology will cease to work with current and future iPods.
RealNetworks launched an internet petition titled "Hey Apple! Don't break my iPod", encouraging iPod users to sign up to support Real's action. The petition backfired badly. The overwhelming majority of posters reacted negatively. The main points of criticism against Harmony were:
- Many posters accused RealNetworks of astroturfing with the petition they had created.
- RealNetworks was criticised for hypocrisy in keeping its own intellectual property and products closed, while asking Apple to open up the iPod.
- The move was also denounced as an attempt to force Apple into a partnership that would only benefit RealNetworks.
Apple did disable Harmony around the time of the iPod photo launch, and to older versions shortly after in firmware updates. The change makes it so that all music (past and present) purchased through the RealPlayer Music Store will not work on Apple's iPod. In response, Real said they would get it working again.
In August 2005, an SEC filing by RealNetworks disclosed that continued use of the Harmony technology put themselves at considerable risk because of the possibility of a lawsuit from Apple, which would be expensive to defend against, even if the court agreed that the technology is legal. Additionally, the possibility that "Apple will continue to modify its technology to 'break' the interoperability that Harmony provides to consumers" would mean that "Harmony may no longer work with Apple's products, which could harm our business and reputation, or we may be forced to incur additional development costs to refine Harmony to make it interoperate again."
Harmony never resurfaced as an option by RealNetworks.
Requiem was originally released by "Brahms" as version 1.0 in February 2008, and version 1.8.17 was released in early 2010. Requiem allows a person to decrypt music, movies, and e-books that they are authorized to play in iTunes by reverse-engineering Apple's FairPlay algorithm. Requiem does not remove identification tags from songs. However, there are other methods to remove them.
Requiem works by decrypting the iTunes configuration files that are in "/Users/Shared/SC Info". In Mac OS X, the key to decrypt these config files is an obfuscated version of the MAC address of one's computer. In Windows, an amalgamation of hard drive volume information and registry keys are used instead of the MAC address. The initialization variable for this decryption is a hard coded constant. The program then decrypts the keys in the config files as well as the private atoms in the audio/video files and creates unencrypted versions. An updated iTunes 7.6.2 disabled Requiem, however, versions 1.4 and 1.5 again circumvented the protection. Apple again disabled Requiem with iTunes 8, but the author released version 1.8.2 which circumvents iTunes 8 DRM on Mac OS and Microsoft Windows systems. Apple responded by releasing iTunes 8.0.2, which again disabled Requiem.
Apple has taken steps to remove references to Requiem from the JHymn forums. A JHymn forums explained Apple's cease and desist order against the forum regarding posting information on circumvention technologies like Requiem. Since the C&D order, the author of Requiem initially made it available with source code on the anonymous Freenet network, but then moved it to a Tor hidden service. From there it has been copied onto popular BitTorrent public trackers, such as The Pirate Bay.
On March 16, 2009, the day that iTunes 8.1 was released, Requiem was updated several times, ending up with version 1.8.8. Requiem 1.8.8 decrypts files with iTunes 188.8.131.52, but, as before, Apple responded by releasing iTunes 184.108.40.206, which appears to again disable Requiem. As of May 5, 2009, Requiem 1.8.10 decrypts files with iTunes 8.1.1. On January 5, 2010, Requiem 1.8.16 was released for iTunes 9.0.2. On January 21, 2010, Requiem 1.8.17 was released for iTunes 9.0.2 as a bug-fix to process files with a size greater than 4GB. Versions 2.X, updated for iTunes 10, required use of an iPod, iPhone, or iPad to decrypt music. Apple plans to have iTunes update the DRM coding on videos bought from the iTunes Store automatically by checking the files to see if the coding is up to date. Requiem 3.1 was released for Mac only, and does away with the need for an iOS device. It has been updated to version 3.3 (Mac & Windows) to support iTunes 10.5.3, and now also removes the DRM on Apple's ePub format ebooks. Since then it has been updated to version 4.0 to support removing DRM from 1080p iTunes TV shows. 4.0.1 was issued shortly after as a bug fix. Its final update, 4.1, was issued to remove easy bugs. Brahms stated the following: "Requiem 4.1 will be my last official release, barring any obvious bugs that are easy to fix."
There are methods to bypass the DRM control. The first method is to burn a copy to an audio CD—either real or virtual—and then rip it.
The second method is to use a recording software and sound card, using the so-called "analog hole", for example, Replay Music which records and also identifies and tags the songs using an audio fingerprinting algorithm.
The third way is to use some DRM removal software like NoteBurner and M4VGear which claims to adopt deciphering technique to strip DRM from media files.
Steve Jobs's Thoughts on Music open letter
On February 6, 2007, Steve Jobs, CEO of Apple Inc., published an open letter entitled Thoughts on Music on the Apple website calling on the "big four" music companies to sell their music without DRM. According to Jobs, Apple does not want to use DRM but is forced by the four major musical labels with whom Apple negotiates contracts for iTunes. Jobs's main points were:
- DRM has never been and will never be perfect. Hackers will always find a method to break DRM.
- DRM restrictions only hurt people using music legally. Illegal users aren't affected by DRM.
- The restrictions of DRM encourage users to obtain unrestricted music, which is usually only possible via illegal methods.
- The vast majority of music is sold without DRM via CDs, which have proven commercially successful.
Jobs' letter was met with some praise but many others criticized Apple's hypocritical approach to DRM. While openly criticizing DRM, Apple has been actively threatening or suing anybody trying to open their own DRM or make it interoperable. Critics claim that this is not because Apple is afraid of illegal copies but because it gives them an advantage in their market position as a leader in both electronic music sales (iTunes) and in music players (iPod), reinforcing each other due to the FairPlay DRM.
Selected responses to Thoughts on Music
The essay caused ripples across the music industry, prompting replies from other major players. Responses include those from Jon Lech Johansen on February 6, MP3.com founder Michael Robertson on February 8, Warner Music boss Edgar Bronfman and the open DRM Coral Consortium on February 9, head of Yahoo Music Dave Goldberg on February 11, Fred Amoroso of Macrovision on February 16 and the Free Software Foundation on March 7.
The famous decoder of the Content Scramble System, Jon Lech Johansen, criticized Jobs' statistical evidence that users are not locked into using the iPod by using the iTunes Store to download music with Apple Computer's FairPlay (DRM).
Warner Music Group Corp.'s Edgar Bronfman
A multi-industry group working on creating interoperability between DRM formats, the Coral Consortium responded with an invitation to incorporate their technical specifications for interoperability into the iTunes framework.
Yahoo's Dave Goldberg
Macrovision's Fred Amoroso
CEO and President of Macrovision Corporation Fred Amoroso posted his own open letter in response to Steve Jobs's. In his reply, Amoroso argued that DRM increases both consumer value and electronic distribution by giving users choices (e.g. rent vs. buy). He also argues in favor of interoperable and "open" DRM.
iTunes Store DRM changes
EMI music made available DRM-free
On April 2, 2007, Steve Jobs and EMI announced DRM-free music for EMI's complete music library for a 30¢ premium above the standard price. This began in May 2007. Soon after, Amazon.com began selling unrestricted music files for 99¢ and Apple dropped the price of its DRM free music back to 99¢.
Announcement of FairPlay restrictions removal
On January 6, 2009 Apple announced at the 2009 Macworld Conference & Expo that they had reached an agreement with major record labels to sell all music on the iTunes Store free of DRM restrictions. Eight million tracks were available with FairPlay restrictions removed from that day with the remainder of the music store to be DRM-free by the end of March 2009. However, movies, books, and television shows purchased from the iTunes Store still contain FairPlay restrictions.
- "Apple Unveils Higher Quality DRM-Free Music on the iTunes Store". Retrieved June 22, 2011.
- "Can I still buy music encoded at 128 Kbps with Digital Rights Management (DRM)?".
- "Copy Protection Overview". Retrieved October 22, 2013.
- ""Songbird"". Addons.songbirdnest.com. Retrieved August 26, 2013.
- "Can't burn a CD in iTunes for Windows". Docs.info.apple.com. Retrieved September 13, 2008.
- "InternetNews Realtime IT News – Apple Hit by Lawsuit". Internetnews.com. Retrieved September 13, 2008.
- "Apple Inc. 10-Q". EDGAR. May 10, 2007. p. 38. Retrieved June 21, 2007.
- "Décision n° 04-D-54 du 9 novembre 2004 relative à des pratiques mises en oeuvre par la société Apple Computer, Inc. dans les secteurs du téléchargement de musique sur Internet et des baladeurs numériques" (PDF). Retrieved August 26, 2013.
- "iTunes, DRM and competition law". Reckon.co.uk. Retrieved August 26, 2013.
- Gannes, Liz (October 2, 2006). "DVD Jon Fairplays Apple". GigaOM. Archived from the original on November 2, 2007.
- DRM. "JHymn Info and Help". Hymn-project.org. Retrieved September 13, 2008.[dead link]
- "RealNetworks Introduces Harmony, Enabling Consumers to Buy Digital Music that Plays on All Popular Devices". Realnetworks.com. Retrieved September 13, 2008.
- "Real v Apple music war: iPod freedom petition backfires - Hardware - Breaking Business and Technology News at silicon.com". Hardware.silicon.com. Retrieved December 14, 2014.
- AppleInsider Staff. "AppleInsider | Real admits risk of Apple lawsuit". Appleinsider.com. Retrieved September 13, 2008.
- "Removing private data from iTunes songs". Retrieved February 10, 2009.
- Requiem 1.7.3 README file
- "Requiem". Retrieved October 12, 2009.
- "Requiem". Retrieved February 25, 2010.
- Jobs, Steve (February 6, 2007). "Thoughts on Music". Archived from the original on May 17, 2008. Retrieved May 17, 2008.
- An open letter to Steve Jobs at the Wayback Machine (archived June 21, 2007)
- "DVD Jon Responds to Steve Jobs' DRM Address". DailyTech. Retrieved August 26, 2013.
- Cory Doctorow at 9:35 pm Wed, March 22, 2006 (March 22, 2006). "Apple's hypocritical slam against French DRM-interop law". Boing Boing. Retrieved August 26, 2013.
- Name *. "Karel Donk's Blog » Blog Archive » DRM in trouble and Windows Vista sales lacking". Kareldonk.com. Retrieved August 26, 2013.
- "nanocr.eu » Blog Archive » Steve’s misleading statistics". Nanocrew.net. Retrieved September 13, 2008.
- "Warner Music Group F1Q07 (Qtr End 12/31/06) Earnings Call Transcript - Seeking Alpha". Media.seekingalpha.com. Retrieved September 13, 2008.
- "Welcome to Coral Consortium". Coral-interop.org. Retrieved September 13, 2008.
- "Yahoo exec says removing DRM from music boosts sales". Siliconvalleywatcher.com. Retrieved September 13, 2008.
- "Article & Reviews - Macrovision". Macrovision.com. Retrieved September 13, 2008.[dead link]
- Apple to end music restrictions, BBC News, January 7, 2009.
- Cohen, Peter (January 7, 2009). "iTunes Store goes DRM-free". Macworld. Mac Publishing. Retrieved February 10, 2009.